The Java™ Platform, Enterprise Edition (which may be referred to as Java™ EE or J2EE™) is a widely used platform for server programming in the Java™ programming language. Java™ may be described as a class-based, platform-independent programming language. The Java™ EE platform includes libraries, which provide functionality to deploy distributed, multi-tier Java™ software based largely on modular components running on an application server. Java™ EE is defined by its specification, which includes several Application Programming Interface (API) specifications and defines how to coordinate them.
The Java™ EE Connector Architecture addresses the integration of Java™ technology-based enterprise applications with work-initiating systems such as Enterprise Information Systems (EIS). The Java™ EE Connector Architecture provides a Java™ technology solution to the problem of connectivity between the many application servers and work-initiating systems (e.g., EIS). Examples of Enterprise Information Systems (EIS) include Enterprise Resource Planning (ERP) systems, Customer Relationship Management (CRM) systems, Supply Chain Management business applications and database systems. The connector specification standardizes a set of contracts that enable a connector (also referred to as a resource adapter) between a work-initiating system such as an EIS and an application server to propagate an imported transaction from the EIS to the application server, so that the application server and all related participants can do work as part of the imported transaction. The connector serves as the point of contact between application components, application servers and a work-initiating system such as an EIS. A connector may be viewed as a system-level software driver that is used by a container or an application client to connect to an EIS. A connector is generally specific to a particular EIS.
It is critical, in EIS integration scenarios, that all interactions between an application server and a connector are secure, and that unauthorized access to application components deployed in an application server are prevented. Conventional connectors typically employ transport and message level security for connecting to and receiving messages from an EIS. To achieve end-to-end application security, it is important for security purposes that all activities of a work instance that is submitted by a connector, including delivering messages to a message endpoint, happen in the context of an established identity. Although conventional connectors may employ transport and message level security for connecting to an EIS and receiving messages from an EIS, there has been no standard, portable security inflow contract that enables conventional connectors to deliver application level security while executing a task in a work instance (e.g., one or more tasks executed by an application server) or while delivering a message to a message endpoint (e.g., the boundary between a messaging API and application code). Due to the fact that there has been no standard, portable method for establishing a security inflow contract, connector implementers conventionally have had to adapt their connectors to a variety of proprietary security interfaces in application server environments in which they need or desire to deploy their connectors. In addition, due to the lack of standard contracts to flow-in security context during message delivery in conventional systems, the business logic in message endpoints has been limited to execution in a fixed or unknown security context.
Java™, Java™ EE, J2EE™, and EJB™ as used throughout this document, are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.